Skip to main content

Sonicwall EUVDEUVD-2026-17640

| CVE-2026-3468 MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-31 sonicwall
4.8
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
4.8 MEDIUM
AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
Low
Availability
None

Lifecycle Timeline

3
EUVD ID Assigned
Mar 31, 2026 - 20:31 euvd
EUVD-2026-17640
Analysis Generated
Mar 31, 2026 - 20:31 vuln.today
CVE Published
Mar 31, 2026 - 20:17 nvd
MEDIUM 4.8

DescriptionCVE.org

A stored Cross-Site Scripting (XSS) vulnerability has been identified in the SonicWall Email Security appliance due to improper neutralization of user-supplied input during web page generation, allowing a remote authenticated attacker as admin user to potentially execute arbitrary JavaScript code.

AnalysisAI

Stored Cross-Site Scripting (XSS) in SonicWall Email Security allows authenticated admin users to inject and execute arbitrary JavaScript code through improper input sanitization during web page generation. The vulnerability affects all versions of SonicWall Email Security appliance and requires admin-level authentication to exploit, limiting immediate exposure but posing significant risk to organizations where admin accounts are compromised or insider threats exist.

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Vulnerability AssessmentAI

Risk Assessment While CVSS and EPSS scores are unavailable, this vulnerability carries moderate-to-high real-world risk despite authentication requirements. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker with a compromised SonicWall Email Security admin account (obtained via phishing, credential stuffing, or insider access) logs into the web management console and injects a stored XSS payload into a configuration field such as a custom email filter rule name, email gateway setting, or admin message banner. When other administrators or support staff access the appliance to review configurations or check system status, their browsers execute the injected JavaScript in the context of the SonicWall management session. …
Remediation Obtain and apply the vendor-released security patch from SonicWall via the PSIRT advisory at https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2026-0002. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

CVE-2025-23008 HIGH
7.2 Apr 10

An improper privilege management vulnerability in the SonicWall NetExtender Windows (32 and 64 bit) client allows a low

CVE-2026-4112 HIGH
7.2 Apr 09

SQL injection in SonicWall SMA1000 series appliances allows authenticated attackers with read-only administrator privile

CVE-2025-23010 HIGH
7.2 Apr 10

An Improper Link Resolution Before File Access ('Link Following') vulnerability in SonicWall NetExtender Windows (32 and

CVE-2025-23009 HIGH
7.2 Apr 10

A local privilege escalation vulnerability in SonicWall NetExtender Windows (32 and 64 bit) client which allows an attac

CVE-2026-4113 HIGH
7.2 Apr 09

SonicWall SMA1000 SSL VPN appliances allow remote authenticated administrators to enumerate valid user credentials throu

CVE-2026-4116 HIGH
7.2 Apr 09

Two-factor authentication bypass in SonicWall SMA1000 SSL-VPN allows remote attackers with valid SSLVPN credentials to c

CVE-2026-4114 MEDIUM
6.6 Apr 09

Remote authenticated SonicWall SMA1000 SSLVPN administrators can bypass AMC TOTP (Time-based One-Time Password) authenti

CVE-2025-32817 MEDIUM
6.1 Apr 16

A Improper Link Resolution vulnerability (CWE-59) in the SonicWall Connect Tunnel Windows (32 and 64 bit) client, this r

CVE-2026-3470 LOW
3.8 Mar 31

Database corruption in SonicWall Email Security appliance via improper input sanitization allows authenticated admin use

CVE-2026-3469 LOW
2.7 Mar 31

SonicWall Email Security appliance becomes unresponsive due to improper input validation when an authenticated administr

CVE-2025-40604 CRITICAL
9.8 Nov 20

Download of Code Without Integrity Check Vulnerability in the SonicWall Email Security appliance loads root filesystem i

CVE-2024-12802 CRITICAL
9.1 Jan 09

SSL-VPN MFA Bypass in SonicWALL SSL-VPN can arise in specific cases due to the separate handling of UPN (User Principal

Share

EUVD-2026-17640 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy